“Proton does not require a recovery address, but in this case the terror suspect added one on their own. We cannot encrypt this data as we need to be able to send an email to that address if the terror suspect wishes to initiate the recovery process,…"
I love that proton kept referring to the user as the “terror suspect” repeatedly so we would know they’re really the good guy here.
Thanks very much, I believe I understand that part now, like a fingerprint to associate to site components like pulled in js, css, etc. I still don’t understand, though, how they associate that to a particular user of a VPN. Does each request done through a VPN include some sort of identifier for each of us or is AI also doing something to put these requests in a particular user’s bucket?
Could you explain how separate emails would increase security risk? I ask because I’ve used separate emails for absolutely everything and it has only ever helped me with security( if I get a Microsoft security notice to anything other than Microsoft@mydoma.in, I know it’s not legitimate).
I don’t mean in lieu of 2fa, strong pass, etc, I mean in conjunction. I don’t see how it could hurt.
I do this for part of my reg forms. I split the reg process into two parts. First, supply email only. This element uses an obfuscated id. Once they do that, the link sent to their email leads to the rest of the process, using no obfuscation. This should keep from breaking password managers.
Regarding login bruteforcing. I give them 3 shots then a cooling down period.
This process has resulted in a 0% success rate for bots so far. We will see how it holds as the domain sees more traffic.
Since you’re struggling to keep throwing other elements into this discussion in hopes of legitimizing you calling me an idiot over an anonymous comment section that has angered you:
I’m fully vaccinated because the risk of death without has been proven to be significant. I wear a seat belt because the risk of death without has been proven to be significant. I don’t drink and drive because the risk of death when doing so has proven to be significant. I get in my car when fueling because the risk of doing so is so minuscule that there are literally no published statistics regarding the practice.
You seem to be doubling down on the “I’m having a problem winning this with logic so let’s find something else to get this guy on” and super light on any stats, so I’m going to concede you are the winner of this online comment battle(Congrats!). Also, I did find a video showing some static electricity fires so I thought I’d give you that as well. It seems you were right all along.
Luckily there’s no sticker on our car about the risks of driving, so we know it’s safe.
You seem angry. Maybe 4 1/2 hours of vehicle crashes will soothe you. Dont worry, they are high-resolution.
Not that it didn’t happen, just that they are so rare, you had to find a 4 pixel video of one and are completely unable to provide any statistics due to it’s rarity.
I was going to link a vehicle accident to back up my claim but, well, I had problems picking one from the 6 million that occur annually.
But you go ahead and worry about the static electricity while fueling so you can hop in your car and hurtle down the road around the oncoming rockets that are infinitely more likely to end your life but you are, for some strange reason, more OK with.
Can you perhaps share some statistics of explosions caused by getting in a car? No? How about an article of someone blown to smithereens by getting in there car? Not that either?
What you’re feeling better about is the theater of inferred safe practices. The fact that in spite of driving being the top cause of accidental death, you’re ok with but although there is no factual info backing up your fear of getting into your car should give you pause.
Man I got so excited about beeper but it just fails to log in to anything I try to set up. FB, sms, anything at all, it successfully logs me in and then hangs on the spinning wheel of death